IPS license

We have a perimetral FW. We are thinking in buying IPS license in order to avoid attacks from outside. So i would like to clarify the next subjects about IPS license.

-License -> IPS license- Performance -> Enabling this feature what minimum requisites are needed? We dont want to have issues about CPU/,memory .....-Administration -> Is it necessary many work hours to configure IPS blade (signatures...)? or is almost "plug a play"

We found that most of the basic profiles for IPS cause a load increase on the the gateway of round about 1.2 times the load without IPS.

There are some predefined profiles which are working great in most cases, plus you can create you own, that could contaim all high and critical risk with low and medium impact, but only for client side protections.

Fine-tuning is something that will need to be done where and when needed. Some specifics might cause havoc, but then you can open that protection directly from logging and create a exception when you know it is a false positive.